
BYOD Adaption in Banking


Academic year: 2021


A report submitted to the Institute for Development and Research in Banking Technology, Hyderabad

In partial fulfillment of the summer internship of Bachelor of Technology in Computer Science & Engineering

By Konda Rashmitha

Indian Institute of Technology, Indore

CERTIFICATE

This is to certify that the project work, entitled “BYOD Adaption in Banking”, submitted for partial fulfillment of the requirement for the award of summer internship of Bachelor of Technology in Computer Science & Engineering to the Indian Institute of Technology-Indore is a bonafide work carried out by Konda Rashmitha (1100119) under my guidance. The matter embodied in the project report has not been submitted for the award of other degree or diploma.

Project Guided by

Dr. Rajarshi Pal
Assistant Professor @ Institute of Development and Research in Banking Technology (IDRBT),

DECLARATION

I, Konda Rashmitha, hereby declare that this dissertation entitled “BYOD Adaption in Banking”, submitted by me under the guidance and supervision of Dr. Rajarshi Pal, Assistant Professor, IDRBT, is a bonafide work. I also declare that it has not been submitted previously in part or in full to this institute or other university or institute for the award of any degree or diploma.

Date: 11 July, 2014

Place: IDRBT, Hyderabad

Signature of the student

Name: Konda Rashmitha

Roll No. - 1100119

Contact:

08985337531


ACKNOWLEDGEMENT

I would like to take this opportunity to thank wholeheartedly the gracious souls without whom this project would have been an unfulfilled dream.

I express my sincere gratitude to Dr. Rajarshi Pal, Assistant Professor, IDRBT, India, for his stimulating guidance, continuous encouragement and supervision throughout the course of the present work.

I am extremely thankful to Shri B. Sambamurthy, Director and IDRBT for providing me infrastructural facilities to work in, without which this work would not have been possible.

I would like to thank my friends for their constant source of encouragement and motivation, and for their invaluable help in my project.

Finally, I thank my parents for their love and encouragement.

Sincerely, Konda Rashmitha (1100119)

Content

1 Introduction
1.1 Advantages
1.2 Disadvantages
2 BYOD Adoptions
3 Challenges
4 Framework of BYOD
4.1 Proposed architecture
4.2 Explanation

INTRODUCTION

BYOD (bring your own device) is a rapidly growing issue among IT experts across the world. Many employees like to access their work materials anytime and anywhere, and are increasingly using their personal devices to do so. Employees at companies of all sizes are bringing a variety of wireless devices, from smartphones to tablets, with different operating systems, makes, models and features.

Employees bring their personal devices to work, access business emails on their phones, and download and transfer business data between their workplace system and one or more devices.

1.1 ADVANTAGES:

Cost saving: A business that adopts a BYOD policy saves money on the high-priced devices it would normally be required to purchase for its employees (reduced hardware spend, software licensing and device maintenance).

Productivity gain: Employees are more comfortable and often work faster with their own technology. Workers will always have their device with them, whether at work or at home.

Increased flexibility: Allowing employees to bring their own devices to the workplace can drastically increase employee flexibility and productivity. Where an organization still uses desktop computers, a BYOD policy would allow employees to work remotely with little effort.

• Employees enjoy increased mobility.

• IT benefits from a simplified infrastructure and a reduction in ongoing end-user device management, troubleshooting and support.

• BYOD can help to attract and retain top performers who seek to work flexibly and often put in time outside traditional work hours.

1.2 DISADVANTAGES:

Data security: This could be the biggest issue for organizations implementing a BYOD system. Letting employees use their own devices for work purposes can lead to pertinent company data being compromised. The problem IT decision makers face is finding the best method to let users access all the data they need while keeping that data safe and secure.

• The same device is used to access both sensitive and risky network services.

• BYOD poses unique security challenges to IT professionals, and stronger access control and authentication policies are very much needed.

• Cost: some organizations still purchase the devices for their employees.

• Exposure to data breaches, privacy violations and other security risks if the device and its applications have inadequate security.

2 BYOD ADOPTIONS:

Password policy:

A company may have many users/employees using devices on the company network that are also taken nearly everywhere. Companies do not want weak passwords that can be easily 'hacked' and give the wrong people access to company data. To prevent this, companies need to institute a strong password policy across the board and require regular password changes. End users will balk at this but, in the end, it will be worth the security gained.

Multi-level authentication:

1) User name and password.

2) Digital certificate: exchange of a trusted certificate between the devices and enterprise services to authenticate the device using the Digital Signature Algorithm (DSA).

User device registration:

Each and every device has to undergo an authentication process before accessing the enterprise server and files. This is done to verify the user and the device and so avoid potential threats.

Limited supported platforms:

It is a tedious task for mobile device management to provide an architecture that is flexible, i.e. accessible with any device or OS. A set of guidelines or predefined devices should be provided so that not each and every device can access the enterprise server, which would make mobile management complicated.

Educate your employees:

Employees need to understand the risks involved with BYOD. They need to know how important it is to keep anti-virus and anti-malware software up to date. They also need to know how best to keep data secure on their devices and that they should never use those devices on unsecured networks.

Expand your infrastructure:

The company's end users are going to take up more bandwidth, which means more powerful wireless is going to be necessary. Instead of dealing with a bottleneck on the network, make sure the company is using equipment that can handle the load. Do not rely on consumer-grade wireless routers. The company will also need to make sure the network has a large enough incoming pipe to allow for the extra traffic coming in from end users working from various locations.

Wipe data locally, remotely and selectively:

Local wipe: automatically initiate a local wipe of data after 10 failed attempts (all data and settings on the device will be erased). Remote wipe: as soon as any user reports a missing or lost device, the administrator should initiate a remote wipe of the device. Selective wipe: wipe only certain data on the device, such as sensitive documents, logs and configuration files stored in a specific area, according to the organization's needs.
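The three wipe modes can be modelled as follows. This is an added example, not code from the report; the `/data/work` managed area, the `Device` class and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from pathlib import PurePosixPath

MAX_FAILED_UNLOCKS = 10                    # threshold stated in the report
WORK_AREA = PurePosixPath("/data/work")    # assumed location of the managed area

@dataclass
class Device:
    files: set = field(default_factory=set)
    failed_unlocks: int = 0
    wiped: bool = False

def full_wipe(dev):
    """Local or remote wipe: all data and settings on the device are erased."""
    dev.files.clear()
    dev.failed_unlocks = 0
    dev.wiped = True
    return "full_wipe"

def on_unlock_attempt(dev, success):
    """Count consecutive failures; the 10th triggers the automatic local wipe."""
    if success:
        dev.failed_unlocks = 0
        return "unlocked"
    dev.failed_unlocks += 1
    return full_wipe(dev) if dev.failed_unlocks >= MAX_FAILED_UNLOCKS else "locked"

def on_reported_lost(dev):
    """Remote wipe started by the administrator as soon as a loss is reported."""
    return full_wipe(dev)

def in_area(path, area):
    """True only for files really inside `area`: no '..' and no prefix look-alikes."""
    p = PurePosixPath(path)
    return ".." not in p.parts and area in p.parents

def selective_wipe(dev, area=WORK_AREA):
    """Erase only the managed area; return what was removed for the audit log."""
    removed = sorted(f for f in dev.files if in_area(f, area))
    dev.files.difference_update(removed)
    return removed

# Constructed sample file listing (not from the report).
SAMPLE_FILES = {
    "/data/work/ledger.xlsx",
    "/data/work/logs/sync.log",
    "/data/workspace/notes.txt",        # look-alike prefix, personal
    "/data/work/../personal/id.jpg",    # traversal out of the area, personal
    "/sdcard/DCIM/photo.jpg",
}
```

A selective wipe that matched on a plain string prefix would also erase `/data/workspace/notes.txt`; comparing path components keeps personal data outside the managed area untouched.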

3 CHALLENGES:

Some of the challenging aspects while implementing BYOD are discussed below:

Anytime, anywhere access: Many employees like to access their work materials anytime and anywhere, and are increasingly using their personal devices to do so. Employees at companies of all sizes are bringing a variety of wireless devices, from smartphones to tablets, with different operating systems, makes, models and features.

Data collection & security: IT professionals are taking efficient measures to protect data and confidentiality; it is advisable to use a password or PIN lock on mobile devices. Web site filtering, spam filtering, data leak protection and application control technologies will become even more important as information is transferred to and from each user’s individual device.

Network availability, access & second network: Wi-Fi technology will need to be tightly integrated into the security infrastructure.

No one-fits-all paradigm: Data availability should differ from person to person, as each person/employee will have different data access limitations.

4 Framework of BYOD

4.1 Proposed architecture:

[Figure: proposed BYOD architecture. Components shown: devices, Internet, firewall, VPN, firewall, admin server, repository, certificate server, bank server, plugin for scanning, file management server, IDS.]

4.2 Explanation:

• The devices are connected to the company network via the Internet. A firewall establishes a barrier between a trusted, secure internal network and another network. The enterprise network redirects emails and synchronizes contacts and calendaring information between servers, desktop workstations and mobile devices.

• VPN (virtual private network) provides a tightly controlled set of resources for guest programs to run in, such as scratch space on disk and memory. When a guest tries to access the data on the enterprise server, he/she undergoes an authentication process, which can be through certificates, tokens, smart cards or even SMS along with a form-based username/password mechanism, ultimately following a multi-factor authentication approach.

• Admin server/Mobile Device Management: The server administrator can wipe out the device data when the device is lost. The entire device list is monitored and managed by the mobile management administrator. The MDM is considered to be the key part of BYOD.

• The device information and authentication information will be stored in a repository (database) for future reference.

• Digital certificates are issued and monitored by the certificate server when users want to access data from the enterprise server.

• After completion of the device registration process, an automatic plugin is initiated which is designed to scan the device to make sure it is threat free.

• The file management server continuously stores backups, manages the session to synchronize file transfer and manages various documents.
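The admission checks this architecture implies (registered device, supported platform, valid certificate, clean scan, multi-factor login) can be combined into one fail-closed decision. This is an added example, not code from the report; the `Registration` fields, the platform allow-list and the sample records are assumptions, and certificate signature validation is assumed to have been done already by the VPN or certificate server.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

SUPPORTED_PLATFORMS = {"android", "ios"}   # assumed allow-list, not from the report

@dataclass(frozen=True)
class Registration:                        # one row of the device repository
    owner: str
    platform: str
    cert_serial: str
    cert_not_after: datetime
    scan_clean: bool

def admit(repo, revoked, device_id, user, cert_serial, password_ok, otp_ok, now):
    """Return (allowed, reasons). Every check must pass; unknown devices fail closed."""
    reg = repo.get(device_id)
    if reg is None:
        return False, ["device not registered"]
    reasons = []
    if reg.owner != user:
        reasons.append("device registered to a different user")
    if reg.platform not in SUPPORTED_PLATFORMS:
        reasons.append("platform not supported")
    if cert_serial != reg.cert_serial:
        reasons.append("certificate not bound to this device")
    elif cert_serial in revoked:
        reasons.append("certificate revoked")
    elif now >= reg.cert_not_after:
        reasons.append("certificate expired")
    if not reg.scan_clean:
        reasons.append("device scan not passed")
    if not (password_ok and otp_ok):
        reasons.append("second factor or password missing")
    return not reasons, reasons

# Constructed sample repository and revocation list (not real data).
_EXP = datetime(2030, 1, 1, tzinfo=timezone.utc)
REPO = {
    "dev-001": Registration("alice", "android", "0A01", _EXP, True),
    "dev-002": Registration("bob", "symbian", "0A02", _EXP, False),
    "dev-003": Registration("carol", "ios", "0A03", _EXP, True),
}
REVOKED = {"0A03"}                         # e.g. the device was reported lost
NOW = datetime(2025, 6, 1, tzinfo=timezone.utc)
```

Returning every failed check rather than only the first gives the MDM administrator a complete reason list for the audit log.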


Conclusion:

Through this paper we propose an architecture for BYOD in banking. Various factors are considered while proposing this architecture, including data security, multi-level authentication, file access management and mobile device management. Data security is provided through encryption based on network address. Multi-level authentication is provided through digital certificates and OTPs. However, there is a very high risk of data exposure even though secured communication is available. In future there is a strong need to develop a secured communication channel with which data security can also be provided.
